From dd328f06ca9850b9d0b9aaa70f4cbb893570e7d9 Mon Sep 17 00:00:00 2001
From: Zunli Hu <zuh@microsoft.com>
Date: Tue, 13 Jul 2021 16:02:34 +0800
Subject: [PATCH] [Storage] Fix issues (#18811)

* fix

* fix jwt
---
 .../azure/cli/command_modules/storage/_validators.py     | 9 ++++++---
 .../azure/cli/command_modules/storage/azcopy/util.py     | 2 +-
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/src/azure-cli/azure/cli/command_modules/storage/_validators.py b/src/azure-cli/azure/cli/command_modules/storage/_validators.py
index 5af3038a683..581f33034cc 100644
--- a/src/azure-cli/azure/cli/command_modules/storage/_validators.py
+++ b/src/azure-cli/azure/cli/command_modules/storage/_validators.py
@@ -1760,9 +1760,12 @@ def validate_fs_directory_download_source_url(cmd, namespace):
     if namespace.source_path:
         file_client = client.get_file_client(file_path=namespace.source_path)
         url = file_client.url
-    namespace.source = _add_sas_for_url(cmd, url=url, account_name=namespace.account_name,
-                                        account_key=namespace.account_key, sas_token=namespace.sas_token,
-                                        service='blob', resource_types='co', permissions='rl')
+    if _is_valid_uri(url):
+        namespace.source = url
+    else:
+        namespace.source = _add_sas_for_url(cmd, url=url, account_name=namespace.account_name,
+                                            account_key=namespace.account_key, sas_token=namespace.sas_token,
+                                            service='blob', resource_types='co', permissions='rl')
     del namespace.source_fs
     del namespace.source_path
 
diff --git a/src/azure-cli/azure/cli/command_modules/storage/azcopy/util.py b/src/azure-cli/azure/cli/command_modules/storage/azcopy/util.py
index 8c690b7532b..ca8c741564c 100644
--- a/src/azure-cli/azure/cli/command_modules/storage/azcopy/util.py
+++ b/src/azure-cli/azure/cli/command_modules/storage/azcopy/util.py
@@ -142,7 +142,7 @@ def _unserialize_non_msi_token_payload(token_info):
     import jwt  # pylint: disable=import-error
 
     parsed_authority = urlparse(token_info['_authority'])
-    decode = jwt.decode(token_info['accessToken'], verify=False, algorithms=['RS256'])
+    decode = jwt.decode(token_info['accessToken'], algorithms=['RS256'], options={"verify_signature": False})
     return {
         'access_token': token_info['accessToken'],
         'refresh_token': token_info['refreshToken'],